Conpot is a low interactive server side Industrial Control Systems (ICS) honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems.
For more info, you can refer at here
First, edit your apt list file and insert this line below:
nano /etc/apt/sources.list deb http://us.archive.ubuntu.com/ubuntu precise main multiverse
After that, update your OS:
sudo apt-get update
Then, install required dependencies:
sudo apt-get install libsmi2ldbl snmp-mibs-downloader python-dev libevent-dev libxslt1-dev libxml2-dev sqlite sqlite3 git
Some of dependencies need to be install via pip:
pip install --upgrade gevent pysnmp lxml bottle jinja2 beautifulsoup4 requests sphinx libtaxii xlrd crc16
- Ensure that you have installed python-pip before you run this command.
Install Modbus-tk (to create modbus app easily with Python):
cd /opt git clone https://github.com/glastopf/modbus-tk.git cd modbus-tk python setup.py build python setup.py install
Install Conpot:
cd /opt git clone https://github.com/glastopf/conpot.git cd conpot python setup.py build python setup.py install
Finish! Next step is to run the conpot:
$ conpot
Conpot is running on these port:
$ netstat -lnput | grep python
tcp 0 0 0.0.0.0:102 0.0.0.0:* LISTEN 62822/python
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 62822/python
tcp 0 0 0.0.0.0:502 0.0.0.0:* LISTEN 62822/python
udp 0 0 0.0.0.0:161 0.0.0.0:* 62822/python
Do ensure that those port is not occupied or used yet.